CVE-2026-46467

MEDIUM

Dell PowerProtect Data Domain - Insertion of Sensitive Information into Log File

Title source: rule
STIX 2.1

Description

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure.

Scores

CVSS v3 5.8
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L

Details

CWE
CWE-532
Status published
Products (4)
Dell/PowerProtect Data Domain < 7.13.1.80 or later
Dell/PowerProtect Data Domain < 8.3.1.40 or later
Dell/PowerProtect Data Domain < 8.6.1.20 or later
Dell/PowerProtect Data Domain < 8.8.0.0 or later
Published Jul 03, 2026
Tracked Since Jul 03, 2026